Enabling reCAPTCHA Functionality

To enable the reCAPTCHA functionality, you need to set the below listed system options based on your association’s requirements.

System Option Description
AllowedReCaptchaVersions To select the reCAPTCHA version (V2 or V3) from the Current Setting drop-down option.
EnableReCaptcha To Enable/Disable reCAPTCHA.
ReCaptchaApiUrl Google API URL to implement reCAPTCHA functionality.
ReCaptchaVerifyUrl URL used by Google API to verify the reCAPTCHA functionality.
ReCaptchaVersionThreeScore The maximum score allowed by the client to detect a bot (default is 0.5).
ReCaptchaVersionThreeSecretKey Version Three Secret Key used by Google API to implement the reCAPTCHA. Follow the below mentioned steps to generate your secret key.
ReCaptchaVersionThreeSiteKey Version Three Site Key used by Google API to implement the reCAPTCHA. Follow the below mentioned steps to generate your site key.
ReCaptchaVersionTwoSecretKey Secret Key used by Google API to implement the reCAPTCHA. Follow the below mentioned steps to generate your secret key.
ReCaptchaVersionTwoSiteKey Site Key used by Google API to implement the reCAPTCHA. Follow the below mentioned steps to generate your site key.

Based on the google doc (https://developers.google.com/recaptcha/docs/display and https://developers.google.com/recaptcha/docs/verify), the value for the system option ReCaptchaApiUrl must be set as https://www.google.com/recaptcha/api.js and for the system option ReCaptchaVerifyUrl must be set as https://www.google.com/recaptcha/api/siteverify.

To generate the site and secret keys for the system options ReCaptchaVersionThreeSecretKey, ReCaptchaVersionThreeSiteKey, ReCaptchaVersionTwoSecretKey, and ReCaptchaVersionTwoSiteKey for your organization, follow the instruction given below.

Creating the Site and Secret Keys for Versions V2 and V3

  1. Navigate to https://www.google.com/recaptcha/admin and login with your Organization’s Google account credentials.

  2. On the displayed Google reCAPTCHA form, click the Add icon.

  3. On the displayed registration form, enter the following information and click the Submit button.

    1. In the Label field, enter the desired label.

    2. Select the reCAPTCHA V2 check box if registering for reCAPTCHA Version 2. Or select the reCAPTCHA V3 check box if registering for reCAPTCHA Version 3.

    3. Specify your domain in the Domains textbox field.

    4. Read the reCAPTCHA terms of service and select the Accept the reCAPTCHA Terms of Service check box.

    On submitting the form, you will be directed to the following page. You can view and copy the Site & Secret keys.

    Note: The values mentioned in the below screenshot is only for reference and should not be copied. The user should create their own site & secret keys

    You can also view or copy the Site & Secret keys when needed by following the below steps.

    1. To view or copy the keys, navigate to the Admin console, select the key title that you specified while creating the key, and then click on the Settings icon as see in the below screenshot.

    2. You will be directed to the following page. Click the reCAPTCHA keys hyperlink as highlighted in the below screenshot and it will display the keys.

Add all the required domains by following the above steps.

Logging into eWeb with reCAPTCHA Functionality Enabled

While the System Option AllowedReCaptchaVersions set as V2

With the system option EnableReCaptcha set to true and all other system options listed above (in this topic) set as per your association’s need, when the customer access the eWeb’s My Account page, the system displays the Sign In or Create an Account form with reCAPTCHA box.

On the eWeb Login screen, if the customer attempts to proceed without selecting the I’m not a robot check box, the system refreshes the form and displays the Please verify that you are not a robot. message. The customer will be required to validate the reCAPTCHA check box before clicking the Login button to successfully log into their eWeb profile.

Note: All the errors get logged in database.

Other Areas of eWeb with reCAPTCHA Functionality

If a non-registered customer tries to register and create an account in eWeb, while validating the email, the Account Search Result form with reCAPTCHA validation box displays and the customer need to select the I’m not a robot check box on the reCAPTCHA box before clicking the Send Validation Email button. If the customer attempts to proceed without selecting this check box, the system refreshes the form and displays the Please verify that you are not a robot. message on the Account Search Result form.

On the Forgot Your password? form, the customer will be required to select the I’m not a robot check box on the reCAPTCHA box before submitting the email address. If the customer attempts to proceed without selecting this check box, the system refreshes the form with the Please verify that you are not a robot. message on it.

The New Visitor Registration | Create an Account form on eWeb contains reCAPTCHA box. After filling the registration details, the customer will be required to select the I'm not a robot check box before clicking the Continue button. If the customer attempts to proceed without selecting this check box, the system refreshes the New Visitor Registration | Create an Account form with the Please verify that you are not a robot. message as shown in the below screenshot.

While making donation whether as anonymous user or logged in user, on the Gift/Donation Information form, the customer will be required to select the I’m not a robot check box on the reCAPTCHA box before clicking the Complete Donation button. If the customer attempts to proceed without selecting this check box, the system refreshes the form with the Please verify that you are not a robot. message on it.

On changing the value of the AllowedReCaptchaVersions system option from V2 to V3

If the admin user changes the AllowedReCaptchaVersions system option from V2 to V3, then on eWeb login page, instead of reCAPTCHA box with I’m not a robot check box, the system will display Google reCAPTCHA icon at the bottom right of the screen. There is no challenge to select specified objects or the images as it does in the V2 version. Instead, it returns a probability score between 0 to 1.0 based on the user’s action history on eWeb. And based on the set score value in the system option ReCaptchaVersionThreeScore, the system will grant access to continue further or displays Please verify that you are not a robot. message. This applies to all the eWeb pages where the reCAPTCHA functionality is implemented.

Important: Once the system option is updated, make sure to clear cache in NetForum to reflect the updates made.

To clear cache in NetForum, go to the Admin module > Overview group item > and click the Clear Cache group item link. The Initiate All Clear Cache page will appear. click the OK button.

Sign In or Create an Account form with Google reCAPTCHA icon

Note: In case you get the Please verify that you are not a robot. message while accessing eWeb, wait for 15 Minutes and try again. This may be due to Google API found the action to be suspicious.

Account Search Result form with Google reCAPTCHA icon

 

Forgot your password form with Google reCAPTCHA icon

 

New Visitor Registration | Create an Account form with Google reCAPTCHA icon

 

Gift/Donation Information form with Google reCAPTCHA icon

 

Note: With the system option EnableReCaptcha set to true, if the admin user does not set the AllowedReCaptchaVersions system option and it remains empty, then the eWeb forms where reCAPTCHA functionality implemented will display the Error Rendering reCAPTCHA message while the customer attempts to access or use eWeb.